While I await Firmware update, I realize how important 'hits' are

Currently reading
While I await Firmware update, I realize how important 'hits' are

1,298
252
NAS
DS 718+, 2x-DS 720+
Router
  1. RT2600ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
I'm presently awaiting a firmware update for an IP Camera, who's security flaw was just reported this month... This happened a couple years ago, with same MFG Camera, and at that time, then, I went into my new 2600ac's firewall... New to Firewall rules, I added two 'Traps' in the firewall.. One for IP Camera Range inbound (Deny), and one for IP Camera range outbound (Deny)... At the time I wanted to know if any tried to communicate... As I don't have any other software to trace this.... The issue a couple years ago was fixed with updated firmware... and probably out of lazy-ness I never removed the 'traps', even though they never logged any 'Hits'....

So After learning about the New Security Flaw in the cameras earlier this week.... I quickly went to see 2600ac Firewall, to see if any 'Hits' had occurred from the rules I'd added 'back when'....

I've also done same with 2 different Video Processor Hardware MFG's I use to process analog & Digital Video, that use IP as a remote control panel... (Last Firmware circa 2010)...

None of the 'traps' had logged even one 'hit'...

Many thanks for the "Hits" Column in the 2600ac Firewall!
 
Can you explain how to setup the traps, I would like to do the same. I have a Netgear Orbi. I have one WiFi camera made by Reolink. I did set some rules, but do not ‘really’ know what I am doing.
 
Last edited:
I set up inbound and outbound deny all rules for the IP’s that are wanted to be blocked. And Hits are the ‘telling’ thing. In theory I should never see any Hits. If I do. It’s trying to phone home.
Multiple cameras have never tripped the Hits in years.

I’m considering doing the same with a device I need operational, that may be a security threat. 4 router firewall rules: 2 to Allow a specific IP to and from the device by IP, followed by 2 rules to deny all to and from this device by IP. This way I’ve isolated the device from doing anything except specific IP’s specified in the firewall.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Probably not. I have tested TP over my 1G WAN and was able to get max speeds. This includes the new 6600...
Replies
3
Views
1,355

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top